Description
install/make-config.php in ProjectSend r754 allows remote attackers to execute arbitrary PHP code via the dbprefix parameter, related to replacing TABLES_PREFIX in the configuration file.
Remediation
References
Related Vulnerabilities
WordPress Plugin 10Web Map Builder for Google Maps Security Bypass (1.0.63)
Oracle Application Server Permissions, Privileges, and Access Controls Vulnerability (CVE-2001-1371)
PHP Improper Input Validation Vulnerability (CVE-2016-3185)
WordPress Plugin Elements For Elementor Local File Inclusion (2.1)